Privacy & Cookie Policy

Privacy Policy

  1. Name and address of the controller

The controller for the purposes of the General Data Protection Regulation (GDPR), other data protection laws applicable in the Republic of Lithuania and other provisions related to data protection is:

MB Brain Tavern

J. Savickio str. 4,

LT-01108, Vilnius,

Republic of Lithuania

Legal entity code 305776007

Phone: +370 626 13 000

Email: info@braintavern.com

Website: https://braintavern.com

  1. Purpose and scope of the privacy policy

This document sets out BrainTavern policy regarding the collection, use, storage, disclosure of and access to personal data, including sensitive information. This policy aims to foster trust and confidence of our clients, partners and general public in the professionalism of BrainTavern by ensuring that our company complies with Data Protection legislation and handles personal data in our possession in accordance with the GDPR principles.

This policy describes how BrainTavern collects, uses, stores, shares and protects personal data and applies to all personal information collected and maintained by BrainTavern.

  1. Groups of personal data processed by BrainTavern

BrainTavern processes the personal data in relation to which BrainTavern acts as a controller, where it determines the purpose and means of its processing; and the personal data in relation to which BrainTavern acts as a processor, where it processes the respective data on behalf of its clients which determine the purpose and means of its processing.

  1. Purpose and legal basis for the processing of personal data

BrainTavern carries out processing of personal data on the legal basis of Art. 6(1) lit. a GDPR when BrainTavern obtains consent for a specific processing purpose.

BrainTavern carries out processing of personal data on the legal basis of Art. 6(1) lit. b GDPR when the processing of personal data is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract.

BrainTavern carries out processing of personal data on the legal basis of Art. 6(1) lit. c GDPR when BrainTavern is subject to a legal obligation by which processing of personal data is required.

BrainTavern carries out processing of personal data on the legal basis of Article 6(1) lit. f of the GDPR, when it is necessary for the purposes of the legitimate interests pursued by our company, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data. Where Article 6(1) lit. f of the GDPR is the legal basis for the processing of personal data the legitimate interest is (a) to carry out business in favour of the well-being of all the employees and shareholders; (b) to protect the rights and interests of MB Brain Tavern.

  1. Categories of personal data concerned 

BrainTavern may collect and process your personal data, such as your name, surname, address, telephone, email and other contact details, and any other information relating to you which you may provide, when you visit our website and look at our services; enquire about our services; contact BrainTavern via phone, email or website; apply for a position in our company through our website; enter into a contract with us and purchase our services.

  1. Recipients of the personal data and third parties access

We do not sell, trade, or otherwise transfer the personal data to outside parties, except where required with your express consent or where this is necessary and in accordance with applicable law. This does not include trusted third parties who assist us in operating our website, conducting our business, or providing services necessary for the performance of a contract in accordance with art. 6(1) lit. b of the GDPR (e.g. payment services). Trusted third parties have access to your personal data only to the extent necessary for the performance of the above-mentioned tasks on our behalf and are obliged not to disclose or use it for any other purpose. Trusted third parties ensure safeguards and use technical and organizational security measures in accordance with the requirements of the GDPR.

  1. Transfer of personal data to third countries

The data that we collect from you will be only transferred to, and stored at, a destination inside the European Economic Area (EEA). When the transfer of data is necessary in accordance with the contractual or legal obligations, we conduct a review prior to the transfer taking place to ensure that the transfer falls within the limits imposed by the GDPR and the personal data is transferred with legitimate purpose and appropriate safeguards.

  1. Protection of personal data

Having regard to the rules and principles of the Regulation BrainTavern adopted the appropriate technical and organisational measures in order to ensure the protection of the rights of the data subjects; the personal data against unlawful or unauthorised access, accidental loss or destruction, damage, unlawful or unauthorised use and disclosure. All our staff and employees who work or have access to personal data have received adequate training.

  1. The storage period 

We process and store the personal data only for the period necessary to achieve the purpose of storage, or as far as this is granted by the European legislator or other legislators in laws or regulations to which BrainTavern is subject to. We have a retention policy for personal data, that we adhere to, in line with legal and statutory requirements. After expiration of the storage period, the corresponding data is routinely deleted. We also may retain your information for the period of time needed for BrainTavern to pursue legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes and enforce our agreements.

  1. The rights of data subjects in relation to personal data processing

a) Right of confirmation 

Each data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed.

b) Right of access 

Each data subject shall have the right to obtain from the controller free information about his or her personal data stored at any time and a copy of this information. Furthermore, the data subject shall have the right to access to the following information:

  • the purposes of the processing;
  • the categories of personal data concerned;
  • the recipients or categories of recipient to whom the personal data have been or will be disclosed, in particular recipients in third countries or international organisations;
  • where possible, the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period;
  • the existence of the right to request from the controller rectification or erasure of personal data or restriction of processing of personal data concerning the data subject or to object to such processing;
  • the right to lodge a complaint with a supervisory authority;
  • where the personal data are not collected from the data subject, any available information as to their source;
  • the existence of automated decision-making, including profiling and, at least in those cases, meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for the data subject. 

Furthermore, the data subject shall have a right to obtain information as to whether personal data are transferred to a third country or to an international organisation. Where this is the case, the data subject shall have the right to be informed of the appropriate safeguards relating to the transfer.

c) Right to rectification 

Each data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

d) Right to be forgotten 

Each data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay where one of the following grounds applies:

  • the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
  • the data subject withdraws consent on which the processing is based, and where there is no other legal ground for the processing;
  • the data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR;
  • the personal data have been unlawfully processed;
  • the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject;
  • the personal data have been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR.

e) Right of restriction of processing

Each data subject shall have the right to obtain from the controller restriction of processing where one of the following applies:

  • the accuracy of the personal data is contested by the data subject, for a period enabling the controller to verify the accuracy of the personal data;
  • the processing is unlawful and the data subject opposes the erasure of the personal data and requests the restriction of their use instead;
  • the controller no longer needs the personal data for the purposes of the processing, but they are required by the data subject for the establishment, exercise or defence of legal claims;
  • the data subject has objected to processing pursuant to Article 21(1) of the GDPR pending the verification whether the legitimate grounds of the controller override those of the data subject.

f) Right to data portability 

Each data subject shall have the right to receive the personal data concerning him or her, which he or she has provided to the controller in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from the controller to which the personal data have been provided, where the processing is based on the consent or contract concluded with the data subject and personal data are being processed by automated means.

g) Right to object 

Each data subject shall have the right to object the processing of the personal data related to him or her when such processing is based on point Article 6(1) lit e or f of the GDPR. If the data subject submit such request, the controller without undue delay terminates actions of the processing free of charge, except cases, where the controller proves that the personal data are processed for compelling legitimate grounds, which override the interests, rights and freedoms of the data subject or on purpose to declare, execute or defend legal claims.

h) Right to withdraw data protection consent

Each data subject shall have the right to withdraw his or her consent to processing of his or her personal data at any time.

If a data subject wishes to exercise any of the above-mentioned rights, he or she may, at any time, contact BrainTavern at info@braintavern.com

  1. Changes to Privacy Policy

BrainTavern reserves the right to update our Privacy Policy from time to time. Any changes will be posted on this page with an updated revision date. New version of Privacy Policy becomes effective once posted on this page. We encourage you to periodically review this Privacy Policy to stay informed about our information practices.

 

  1. The right to lodge a complaint with a supervisory authority

As a data subject you have a right to file a complaint concerning the processing of personal data with the Lithuanian Data Protection Agency:

Valstybinė duomenų apsaugos inspekcija

L.Sapiegos g. 17,

10312 Vilnius

Tel.: +370 5 271 2804, +370 5 279 1445

Faks.: +370 5 261 9494

Email: ada@ada.lt

  1. Contact us

By using our website or contacting us, you consent to our Privacy Policy. We respect your right to control the personal information of yours that we hold, therefore, we encourage you to contact us in case you wish to modify or delete your personal data and for any questions about our Privacy Policy at info@braintavern.com.

COOCKIE POLICY

Our website uses cookies, as described below. By using our website, or by clicking on “Agree” button, you consent to our use of cookies in accordance with this Cookie Policy unless you have disabled cookies in your browser settings. You may revoke consent in relation to this Cookies Policy at any time by deleting the cookies stored on the computer through the configuration and settings of your Internet browser, as listed below.

  1. Description of cookies

Cookies are small bits of data, which are stored on the user’s computer or any device by the web browser. Based on the browser, this data is stored either in small separate files or in a common file, which records the data of browsed websites. Cookies are used by numerous advanced websites in Lithuania and around the globe and can be stored only when your device settings allow it. There are different types of cookies, and websites would not function without them in the way you are used to them functioning. For example, not using cookies, which confirm that you are logged in, would mean that the website would either not know that it needs to show your profile, or the website would repeatedly display “Error: You must log in” since it would not recognize that you are logged in.

  1. Cookie usage on our website

We use the following types of cookies on our website:

  • Technical and performance enhancing cookies, which allow our website to function correctly and enable you to browse the web page, platform, or application and use the different options or service on it. Some functions of our website may not be available without this type of cookies.
  • Analytical cookies, which collect information on how you use our website, e.g., visited pages and your behavior on our website. They allow us to remember the user’s actions taken on the website (for instance, the language settings), as well as to collect the overall statistics of how often the website is visited.
  • Functional cookies, which record your preferences in order to improve browsing quality and provide enhanced and more personalised experience on our website.
  • Advertising cookies, which are used to send advertising messages in line with the preferences shown during navigation on our website. 

We use third party cookies on braintavern.com to improve the functionality of our website. These cookies, along with collected information, are not managed and controlled by BrainTavern, but exclusively by each provider. This information is managed and controlled by third party companies according to what is indicated in the relative privacy policies.

Our website uses third party Google Analytics cookies, a statistical analysis service provided and managed by Google that makes it possible to analyse your behaviour on the site. You can find privacy policy of Google Analytics, clicking on the links below:

https://policies.google.com/privacy

https://policies.google.com/technologies/cookies?hl=en-US

Our website uses third party Facebook advertising cookies designed by Facebook to deliver a series of advertisement products on Facebook. You can find Facebook privacy policy on:

https://www.facebook.com/about/privacy

  1. List of cookies used on http://braintavern.com:

In accordance with new legislation, we have prepared a detailed description of cookies used on our website, so that you could decide for yourself if they satisfy you, or if you would rather delete the present cookies, or maybe even disable cookie usage in braintavern.com.

Cookie Name 

Description 

Time of Validity 

_ga

Used to recognize users. 

2 Years

_gid

Used to recognize users. 

24 Hours

_gat

Used to throttle request rate.

1 Minute

_gcl_au

Used to understand how a user to our website uses the website by generating analytical data.

3 Months

ajs_anonymous_id

Used for Analytics and help count how many people visit a certain site by tracking if you have visited before.

1 year

ajs_group_id

Used to track visitor usage and events within the website.

1 Year

ajs_user_id

Used to track visitor usage, events, target marketing, and can also measure application performance and stability.

1 Year

1P_JAR

Used to collect site statistics and monitor conversion rates.

1 Month

SID, HSID

Used together to block many types of attack, for example attempts to steal the content of online forms.

SAPISID

Uses Google to save user preferences and information about Google Maps

2 Years

CONSENT

App for cookie policy display

20 Years

SIDCC

Security cookie to protect user data from unauthorized access

3 months

SSID

Cookies are set by the Google+ tool; they allow you to integrate the Google+ plugin on the site.

2 Years

DV

Used to collect information about how visitors use our site which we use to compile reports to help us make improvements.

6 Months

APISID

Saves Google Maps settings

2 Years

NID

Used to remember your preferences and other information

6 Months

_zlcmid

Used to store the Zopim Live Chat ID used.

1 year

_zlcid

Used to store the Zopim Live Chat ID used to identify a device across visits.

1 Year

_zlcstore

Used to store the Zopim Live Chat ID used to identify a device across visits.

2 Years

_hjid

Used to persist the Hotjar User ID, unique to that site on the browser.

1 Year

_hstc

Used to help tracking visitors.

_hjIncludedInSample

Used to let Hotjar know whether visitor is included in the sample which is used to generate funnels.

1 Year

_cfduid

Used to speed up page load times.

1 Year

_fbp

Used by Facebook to deliver a series of advertisement products on Facebook.

Session

_icl_current_language

Used by wpml to maintain the language selected by the client to navigate the website.

Session

hubspotutk

Used to keep track of a visitor’s identity.

13 Months

  1. Social media buttons

Our website uses social network buttons – LinkedIn, Facebook, Twitter, Instagram. If you choose to click on a social network button, a new window will open in your browser which will call our page on the respective service. The information obtained by third party websites accessed via our website is not covered by our Privacy Policy and Cookie Policy and is governed by the terms applicable to your relationship with that third party. BrainTavern accepts no responsibility or liability in respect of third party websites.

  1. How to manage cookie settings

If you do not agree to the use of cookies, you can disable cookies on your web browser from being stored in your computer for privacy reasons by means of a corresponding setting of the Internet browser used. However, if you disable cookies, not all functions of our website may be entirely usable, which might affect your online experience on our website. You may withdraw your consent to our use of cookies on our website at any time. You may also delete/disable cookies on your web browser from being stored on your computer, or to alert you when cookies are being sent to your device. The method depends on the type of browser you use:

Google Chrome;

Microsoft Internet Explorer;

Mozilla Firefox;

Safari

For any other web browsers to change cookie settings, please visit the official webpage of the browser.

  1. Contact us

For any questions and inquiries regarding our Cookie Policy, please contact us by email: info@braintavern.com